package serv;

import java.io.IOException;
import java.io.PrintWriter;
import java.sql.SQLException;
import java.util.Vector;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * Servlet implementation class Manager
 */
@WebServlet(description = "管理员作业servlet", urlPatterns = { "/Manager" })
public class Manager extends HttpServlet {
	private static final long serialVersionUID = 1L;
	String m_op = null;
	Vector<Vector<String>> vt = new Vector<Vector<String>>();
	String m_user = "";
	String m_organ = null;
	Vector<Vector<String>> vt_organ = new Vector<Vector<String>>();
       
    /**
     * @see HttpServlet#HttpServlet()
     */
    public Manager() {
        super();
        // TODO Auto-generated constructor stub
    }

	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
	 */
	@SuppressWarnings("unchecked")
	@Override
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		int ret=-1;
		request.setCharacterEncoding("GBK");
		response.setContentType("text/html");
		response.setCharacterEncoding("GBK");
		PrintWriter out = response.getWriter();
		//以下为DEBUG
		String m_manage = request.getParameter("manage_type");
		if(m_manage==null){
			out.println("参数错误 —— manage_type=" + m_manage);
		}
		m_op = request.getParameter("op");
		
		//debug
		System.out.println("manage_type:"+m_manage);
		System.out.println("m_op:"+m_op);
		
		HttpSession session = request.getSession(true);
		if(session.getAttribute(m_manage.toString())!=null){
			vt = (Vector<Vector<String>>) session.getAttribute(m_manage.toString());
		}
		m_user = (String)session.getAttribute("user_name");
	    GwkOrgan Organ = (GwkOrgan)session.getAttribute("logonOrgan");
	    m_organ = Organ.getM_BANK_ORGAN_ID();
	    vt_organ = Organ.m_organ;

		if (m_manage.compareTo("organ") == 0) {
			try {
				ret = do_organ(request, response);
				if (ret == -10) {
					out.println("机构级别不合法<br> ");
					out.println("不是比父机构少一级<br> ");
					out.println("<a href='Manager/Manager_Query.jsp?manage_type=organ'>请重新操作</a>");
					return;
				}
				if (ret == -11) {
					out.println("父机构号不合法<br> ");
					out.println("不能自身ID为父机构的父机构<br> ");
					out.println("<a href='Manager/Manager_Query.jsp?manage_type=organ'>请重新操作</a>");
					return;
				}
			} catch (SQLException e) {
				// TODO Auto-generated catch block
				e.printStackTrace();
			}
		} else if (m_manage.compareTo("user") == 0) {
			try {
				ret = do_user(request, response);
			} catch (Exception e) {
				// TODO Auto-generated catch block
				e.printStackTrace();
			}
		} else if (m_manage.compareTo("card") == 0) {
			try {
				ret = do_card(request, response);
				if(ret==0){
					out.print("1");
				}else
					out.print("0");
			} catch (Exception e) {
				// TODO Auto-generated catch block
				//e.printStackTrace();
				out.print("0");
			}
			return;
		} else if (m_manage.compareTo("gen_verify") == 0) {
			try {
				String rstr = gen_verify(request, response);
				System.out.println("rstr"+rstr);
				if(rstr!=null)
					out.print(rstr);
			} catch (Exception e) {
				// TODO Auto-generated catch block
				//e.printStackTrace();
				out.print("0");
			}
			return;
		} else {
			out.println("参数错误 —— manage_type=" + m_manage);
			return;
		}
		
		if (ret == -1) {
			out.println("连接数据库失败<br> ");
			out.println("<a href='Manager/Manager_Query.jsp?manage_type=" + m_manage +"'>请重新操作</a>");
			return;
		}else if (ret == 0) {
			session.setAttribute(m_manage.toString(), vt);
		}
		String nextJSP = new String();
		if (m_manage.compareTo("user") == 0){
			nextJSP = "Manager/Manager_UserMain.jsp";
		}else
			nextJSP = "Manager/Manager_Query.jsp?manage_type=" + m_manage;
		response.sendRedirect(nextJSP);
		return;
	}

	//员工管理
	private int do_user(HttpServletRequest request, 
			HttpServletResponse response) throws Exception {
		// TODO Auto-generated method stub
		String mysql = null;
		int choice = 0;
		int ret = 0;

		if (m_op == null) {
			// 空时
			return -1;
		} else if (m_op.compareTo("Q") == 0) {
			mysql = "select a.USR_ID,a.USR_NAME,a.BANK_ORGAN_ID,b.BANK_ORGAN_NAME,"
					+ "a.manager,a.close "
					+ "from GX_CORP_USR a,GX_CORP_BANK_ORGAN b "
					+ "where a.BANK_ORGAN_ID=b.BANK_ORGAN_ID ";
			String strBANK_ORGAN_NAME = request.getParameter("BANK_ORGAN_NAME"); 
			String strUSR_NAME = request.getParameter("USR_NAME"); 
			String strUSR_ID = request.getParameter("USR_ID"); 
			if(strBANK_ORGAN_NAME!=null && strBANK_ORGAN_NAME.length()>0){
				mysql +="and b.BANK_ORGAN_NAME like '%" + strBANK_ORGAN_NAME + "%' ";
			}
			if(strUSR_NAME!=null && strUSR_NAME.length()>0){
				mysql +="and a.USR_NAME like '%" + strUSR_NAME + "%' ";
			}
			if(strUSR_ID!=null && strUSR_ID.length()>0){
				mysql +="and a.USR_ID = '" + strUSR_ID + "' ";
			}
			if(m_organ!=null){
				//不是管理员
				mysql += "and a.BANK_ORGAN_ID in (";
				for (int j = 0; j < vt_organ.size(); j++) {
					if (j == 0) {
						mysql += "'";
					} else
						mysql += ",'";
					mysql += vt_organ.get(j).get(0).toString() + "'";
				}
				mysql += ") ";
			}
		} else if (m_op.compareTo("A") == 0) {
			// 增加
			String pwd = "999999";
			mysql = "insert into GX_CORP_USR(USR_ID,USR_NAME,USR_PWD,BANK_ORGAN_ID," 
				+ "manager,close,UPD_USER,UPD_DATE) ";
			mysql += "values(\'" + request.getParameter("USR_ID") + "\',\'";
			mysql += request.getParameter("USR_NAME") + "\',\'";
			mysql += GwkDB.encryptMD5(pwd) + "\',\'";
			mysql += request.getParameter("BANK_ORGAN_ID") + "\',";
			mysql += request.getParameter("MANAGER") + ",";
			mysql += request.getParameter("CLOSE") + ",'";
			mysql += m_user + "',sysdate)";
		} else if (m_op.compareTo("M") == 0) {
			// 修改
			mysql = "update GX_CORP_USR ";
			mysql += "set USR_ID=\'" + request.getParameter("USR_ID") + "\',";
			mysql += "USR_NAME=\'" + request.getParameter("USR_NAME") + "\',";
			mysql += "BANK_ORGAN_ID=\'" + request.getParameter("BANK_ORGAN_ID") + "\',";
			mysql += "MANAGER=" + request.getParameter("MANAGER") + ",";
			mysql += "CLOSE=" + request.getParameter("CLOSE") + ",";
			mysql += "UPD_USER='" + m_user + "',";
			mysql += "UPD_DATE=sysdate ";
			mysql += "where USR_ID=\'" + request.getParameter("ORG_USR_ID")
					+ "\'";
		} else if (m_op.compareTo("D") == 0) {
			choice = Integer.valueOf(request.getParameter("choice"));
			mysql = "delete from GX_CORP_USR ";
			mysql += "where USR_ID=\'"
					+ vt.get(choice).get(0).toString()
					+ "\'";
		} else
			return -3;

		GwkDB gwkdb = new GwkDB();
		if (m_op.compareTo("Q") == 0)
			ret = gwkdb.query(mysql, 6);
		else
			ret = gwkdb.update(GwkDB.convert_chn(mysql));
		System.out.println("----ret:" + ret);
		if (ret < 0) {
			return ret;
		}

		if (m_op.compareTo("A") == 0 || m_op.compareTo("M") == 0) {
			Vector<String> vt1 = new Vector<String>();
			vt1.add(request.getParameter("USR_ID"));
			vt1.add(GwkDB.convert_chn(request.getParameter("USR_NAME")));
			vt1.add(request.getParameter("BANK_ORGAN_ID"));
			GwkOrgan Organ = new GwkOrgan();
			Organ.GetMyOrgan(request.getParameter("USR_ID").toString());
			vt1.add(Organ.m_organ.get(0).get(3).toString());
			vt1.add(request.getParameter("MANAGER"));
			vt1.add(request.getParameter("CLOSE"));
			if (m_op.compareTo("M") == 0) {
				choice = Integer.valueOf(request.getParameter("choice"));
				vt.set(choice, vt1);
			} else {
				vt.add(vt1);
			}
		} else if (m_op.compareTo("D") == 0) {
			vt.remove(choice);
		} else {
			// 操作成功
			vt.clear();
			vt = gwkdb.dbvt;
		}
		return 0;
	}

	//处理机构号管理
	private int do_organ(HttpServletRequest request,
			HttpServletResponse response) throws IOException, SQLException {
		// TODO Auto-generated method stub
		String mysql = null;
		int choice = 0;
		int ret = 0;

		if (m_op == null) {
			// 空时
			return -1;
		} else if (m_op.compareTo("Q") == 0) {
			mysql = "select BANK_ORGAN_ID,BANK_ORGAN_NAME,BANK_ORGAN_LEVEL,BANK_PARENT_ID"
					+ " from GX_CORP_BANK_ORGAN order by BANK_ORGAN_ID";
		} else if (m_op.compareTo("A") == 0) {
			// 增加
			mysql = "insert into GX_CORP_BANK_ORGAN(BANK_ORGAN_ID,BANK_ORGAN_NAME,"
					+ "BANK_ORGAN_LEVEL,BANK_PARENT_ID,UPD_USER,UPD_DATE) ";
			mysql += "values(\'" + request.getParameter("BANK_ORGAN_ID")
					+ "\',\'";
			mysql += request.getParameter("BANK_ORGAN_NAME") + "\',";
			mysql += request.getParameter("BANK_ORGAN_LEVEL") + ",\'";
			mysql += request.getParameter("BANK_PARENT_ID") + "\',\'";
			mysql += "MANAGER" + "\',sysdate)";
		} else if (m_op.compareTo("M") == 0) {
			// 修改
			ret = check_organ(request.getParameter("BANK_ORGAN_ID"),
					request.getParameter("BANK_ORGAN_LEVEL"),
					request.getParameter("BANK_PARENT_ID"));
			if(ret<0){
				return ret;
			}
			mysql = "update GX_CORP_BANK_ORGAN ";
			mysql += "set BANK_ORGAN_ID=\'"
					+ request.getParameter("BANK_ORGAN_ID") + "\',";
			mysql += "BANK_ORGAN_NAME=\'"
					+ request.getParameter("BANK_ORGAN_NAME") + "\',";
			mysql += "BANK_ORGAN_LEVEL="
					+ request.getParameter("BANK_ORGAN_LEVEL") + ",";
			mysql += "BANK_PARENT_ID=\'"
					+ request.getParameter("BANK_PARENT_ID") + "\',";
			mysql += "UPD_DATE=sysdate ";
			mysql += "where BANK_ORGAN_ID=\'"
					+ request.getParameter("BANK_ORG_ORGAN_ID") + "\'";
		} else if (m_op.compareTo("D") == 0) {
			choice = Integer.valueOf(request.getParameter("choice"));
			mysql = "delete from GX_CORP_BANK_ORGAN ";
			mysql += "where BANK_ORGAN_ID=\'"
					+ vt.get(choice).get(0).toString()
					+ "\'";
		} else
			return -3;
		System.out.println("mysql:" + mysql);
		GwkDB gwkdb = new GwkDB();
		if (m_op.compareTo("Q") == 0)
			ret = gwkdb.query(mysql, 4);
		else
			ret = gwkdb.update(GwkDB.convert_chn(mysql));
		System.out.println("----ret:" + ret);
		if (ret < 0) {
			return ret;
		}
		System.out.println("成功");
		if (m_op.compareTo("A") == 0 || m_op.compareTo("M") == 0) {
			Vector<String> vt1 = new Vector<String>();
			vt1.add(request.getParameter("BANK_ORGAN_ID"));
			vt1.add(GwkDB.convert_chn(request.getParameter("BANK_ORGAN_NAME")));
			vt1.add(request.getParameter("BANK_ORGAN_LEVEL"));
			vt1.add(request.getParameter("BANK_PARENT_ID"));
			if (m_op.compareTo("M") == 0) {
				for (int i = 0; i < vt.size(); i++) {
					if (vt.get(i)
							.get(0)
							.toString()
							.compareTo(
									request.getParameter("BANK_ORG_ORGAN_ID")) == 0) {
						vt.set(i, vt1);
					}
				}
			} else {
				vt.add(vt1);
			}
		} else if (m_op.compareTo("D") == 0) {
			vt.remove(choice);
		} else {
			// 操作成功
			vt.clear();
			vt = gwkdb.dbvt;
			Vector<String> vthead = new Vector<String>();
			vthead.add("机构号");
			vthead.add("机构名称");
			vthead.add("机构级别");
			vthead.add("上一级机构号");
			vt.add(0, vthead);
		}
		return 0;
	}

	/**   
	 * 此方法描述的是： 检查银行机构的合法性
	 * @author: 朱凯锋   
	 * @version: 2013年8月9日 上午11:18:39   
	 * @throws IOException 
	 * @throws SQLException 
	 */
	private int check_organ(String bank_organ_id,String bank_organ_level,String bank_parent_id) throws SQLException, IOException {
		// TODO Auto-generated method stub
		String mysql = "select BANK_ORGAN_LEVEL,BANK_PARENT_ID" + 
				" from GX_CORP_BANK_ORGAN where BANK_ORGAN_ID = ";
		mysql += "\'" + bank_parent_id +"\' ";
		GwkDB gwkdb = new GwkDB();
		int ret = gwkdb.query(mysql, 2);
		if(ret<0)
			return ret;
		int parent_level = Integer.valueOf(gwkdb.dbvt.get(0).get(0).toString());
		int my_level = Integer.valueOf(bank_organ_level);
		
		//不允许bank_organ_level不是bank_parent_id的bank_organ_leval的+1
		if(my_level!=parent_level+1)
			return -10;
		//不允许自身的ID，是父ID的父ID，即互为父ID
		if(bank_organ_id.equals(gwkdb.dbvt.get(0).get(1).toString())){
			return -11;
		}
		return 0;
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	@Override
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		doGet(request,response);
	}
	//手工录入公务卡
	private int do_card(HttpServletRequest request, 
				HttpServletResponse response) throws Exception {
		String name = request.getParameter("name");
		String cardno = request.getParameter("cardno");
		String organ_level_aa = request.getParameter("organ_level_a");
		String issue_card_date = request.getParameter("issue_card_date");
		
		int index = organ_level_aa.indexOf("|");
		String organ_level_a = organ_level_aa.substring(0, index);
		String organ_level_a_name = organ_level_aa.substring(index+1);

		String mysql = "insert into gx_corp_cus(cardholder_name,card_no,organ_level_a," 
				+ "organ_level_a_name,card_flag,issue_card_date,trans_seqno,upd_user,upd_date) values('" 
				+ name + "','" + cardno + "','" + organ_level_a + "','" + organ_level_a_name 
				+ "','A','" + issue_card_date + "',seq_trans.nextval,'manager',sysdate)";
		GwkDB gwkdb = new GwkDB();
		int ret = gwkdb.update(mysql);
		if(ret<=0)
			return -1;
		return 0;
	}
	//生成新验证码
	private String gen_verify(HttpServletRequest request, 
					HttpServletResponse response) throws Exception {
			String organ_level_a = request.getParameter("organ_level_a");

			String mysql = "select dbms_random.string('X',4) from dual";
			GwkDB gwkdb = new GwkDB();
			int ret = gwkdb.query(mysql, 1);
			if(ret<0)
				return null;
			
			String verify = gwkdb.dbvt.get(0).get(0).toString();
			System.out.println("verify:"+verify);
			
			mysql = "update gx_corp_bank_unit set verify='" + verify + "' where organ_level_a = '" 
					+ organ_level_a + "'";
			ret = gwkdb.update(mysql);
			if(ret<=0)
				return null;
			return verify;
		}
}
